CVE-2022-41217 - Cloudflow - Unauthenticated file upload vulnerability
|Page author||Victor Pasman|
|Problem type(s)||CWE-434: Unrestricted Upload of File with Dangerous Type|
|Impact(s)||CAPEC-650 Upload a Web Shell to a Web Server|
|Solution(s)||Upgrade to version 2.3.2 of Cloudflow|
|Last modified||23 Feb 2023 12:56|
Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.